<?php
  include_once('session.php');
  include_once('db.php');
  include_once('mail.php');
  
  if ( $_SERVER['REQUEST_METHOD'] === 'POST' )
  {
    // Read the input from stdin     
    //print_r("[".file_get_contents("php://input")."]");
    $username = $_POST['username'];   
  }
  else
  {
    $username = $_GET['username'];    
    // http://localhost/findme/forgotpass.php?username=SergioEstevao
  }
  
  $conn = &ADONewConnection($dbType);
  $conn->PConnect($dbServer, $dbUser, $dbPassword, $dbName);
   
  $query = "select id_user, email, state, name, login from user where lower(login) = ".$conn->qstr(strtolower($username));
  //execute query
  //$conn->debug = true;      
  $rs = $conn->Execute($query);
  if ( !rs.EOF )
  {  
    foreach ($rs as $row) 
    {    
      $userid = $row[0];
      $email  = $row[1];
      $state = $row[2];
      $name = $row[3];
      $userLogin = $row[4];
      if ( $state == 1)
      {              
        $password = rand(1000000,9999999);
        $query = "update user set password = ".$conn->qstr(md5($password))." where lower(login) = ".$conn->qstr(strtolower($username));  
        $conn->Execute($query);
         
        mailLostPassword($userLogin, $name, $email, $password);
      }
    }
  } else {
    $error = true;
    $errordesc = "This Username is not registered!";
  }
   
?>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
    "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:v="urn:schemas-microsoft-com:vml">
  <head>
    <meta http-equiv="content-type" content="text/html; charset=utf-8"/>
    <title><?php echo $product_name;?></title>
    <link rel="stylesheet" href="css/main.css" type="text/css">
    
    <script type="text/javascript" src="scripts/md5.js"></script>
    <script type="text/javascript">
      //<![CDATA[
      function lostPassSubmit() {
        if (document.forms["lostpassform"].username.value == '') {
          var error = document.getElementById("error");
          error.innerHTML = "Please enter your username.";
          document.forms["lostpassform"].username.focus();
          return false;
        }               
        return true;
      }
      //]]>
    </script>
    
  </head>
  <body>    
    <div id="main">          
    <?php  
    include_once("header.php");      
    ?>         
    <div id="content">             
      <div id="content">                     
      <h1>Lost Password</h1>      
      <br>
      <p>      
      <?php
        if ($email)
        {
          echo 'The password information was sent to your email address "'.$email.'".';
        }
      ?>
      </p>                  
      <p class="error" id="error">
      <?php         
        if ($error)
        {
          echo $errordesc;
        }
      ?>
      </p>
      <div id="mainform">      
        <form id="lostpassform" class="mform" action="forgotpass.php" onsubmit="return lostPassSubmit();" method="post" enctype="multipart/form-data">
        <table>
          <tr>
            <td><label for="username" accesskey="u">Please enter your user Name:</label></td>
            <td class="btext"><input type="text" name="username" id="username" size="25" value="<?php echo $username; ?>"/></td>
          </tr>          
          <tr><td colspan="2"><hr/></td></tr>
          <tr><td></td><td class="btn" colspan="2"><input type="submit" id="activate" name="signup" value="Retrieve"/></td></tr>
        </table>
        </form>
      </div>      
    <br/>    
    <?php 
        include ("footer.php");      
      ?>
    </div><!-- main -->
    <?php         
        include ("ga.php");
    ?>
  </body>
</html>
